Software manipulator Charlie Miller discovered a small, but potentially critical flaw in Apple iOS’s app market. As it turns out a malicious app can be uploaded to the market by a hacking ne’er do well who can then manipulate the phone into giving away personal information or performing functions (like texting) without the owner’s knowledge.
Miller, who informed Apple about the flaw, was promptly banned from the iOS developer program for a year. In the process of discovering and testing the flaw, Miller created an app disguised as a stock ticker and had it approved by for distribution in the app store. According to CNN,
That app only was capable of hurting his own devices, he said, and was uploaded to the App Store to test the bug. “It’s not evil or bad or anything,” he said. “It never even downloads code and runs it unless I run it.” It since has been removed from the App Store.
Apple argues that Miller developed a program that obscured and misrepresented his app, against the express agreements iOS developers consent to. Miller cites his extensive history of malware whistle-blowing and his honesty-after-the-fact as reasons to take him at his word.